micro targeting is a threat to our democracy (cambridge analytica, Facebooks desinformation problem,..). Besides, why should third parties allowed to trade my digital persona, while basically knowing more about my interests and flaws than I am? I hate cookie banner as well but this excessive tracking must be stopped somehow.
Just install a plugin that does that for you, not sure why that would inconvenience anyone. The tools exists out there to make you never see such a popup again, why not use it?
The regulation says nothing about a cookie banner. Instead, it says companies cannot track you unless you give consent.
If you don't like cookie banners, which are indeed really annoying, you should be turning your ire to the companies that wish to track you. They are fully-functional solutions that allow anonymous tracking without installing cookies on your computer - no banner needed then.
I'm a grown up adult and if I wanted to block tracking I could. The fact that I don't should be the only answer needed but that's not good enough for the EU. They want to force companies to ask me because they want to take care of me and make sure I'm all right. You know, I left home at 18 to get away from my parents...
Unless you want to be using tor all day every day, and never make an online purchase or log in on a website ever again, there's really no way to stop companies from tracking you. The only way to make that happen is if a regulatory authority forces them to. That's why the GDPR exists.
Why couldn't that have happened in the browser though? We have plenty of mechanisms to block and/or delete cookies.
Essentially, now we're at a state where consent banners exist, slowing down all sites, and there are like four states: a) they look compliant, but are ignored by the website provider (the EU itself takes this approach), b) they are flat out ignored (a lot of companies still take this approach) c) they aren't compliant (tiny "no" link, huge "yes, take my firstborn" link) d) they're compliant and are paywalls (buy subscription or accept everything under the sun).
d) is what we're probably going to end up with, so you either pay or you accept tracking. More and more solutions offer that as an option so adoption will grow. Most people accept tracking (stats that I've seen say that those paying are like 1/10,000th), so what have we won exactly by doing this dance?
> Why couldn't that have happened in the browser though?
That would require more regulation, by regulating both browsers and websites, and their technical protocol. Instead the EU tried to minimize regulation by not prescribing the exact technical means by which websites would need to obtain consent for tracking from users.
Why would cookie-handling in the browser require websites to be regulated? They can set cookies, your browser reads the request and then decides to store them or not to store them, or to only store them for some amount of time, based on your preferences.
Browsers could already do most of it, and there are far fewer browser manufacturers than website owners, and they have far more resources than the average website owner, and, at least for some of them (all of them except Chrome), the incentives would be aligned. Right now it's "protect the user (and earn less money)", and the results are unsurprising.
The browser can’t distinguish between legitimate “necessary” cookies that don’t require consent and those that do. Hence there would need to be a technical specification of how websites mark cookies that do (or don’t) require consent. Even more importantly, for cookies that do require consent, the user has to be informed about their respective purpose, so that they can make an informed decision about whether they want to accept or reject the cookie. So there would need to be some standardized way for the website to give that information for each cookie, if the browser is to handle acceptance on behalf of the user.
Lastly, cookies aren’t the only way of tracking. Websites can also use local storage, or fingerprinting, and so on, each of which can equally require consent. If the browser consent mechanism is restricted to cookies, websites would have to be mandated to always use a cookie to ask for consent, even when they actually use other means for tracking, and websites would have to explicitly check whether the cookie is stored or not in order to control any other tracking.
The cookie banner is an implementation choice. Companies can already accept the DNT header to stop tracking. I believe Medium does this, it even replaces embeds with click through elements so external scripts can't track you.
However, choosing to respect the users' wishes isn't very profitable. You need to make your ads relevant to the content somehow andtthat requires effort and skills. It's much more profitable to trick people into consenting with tracking so you can sell their information, so the more annoying your cookie popup becomes, the more money you can make. IAB has already been fined for such a popup mechanism.
"Do not track" is not enough to comply with GDPR because you must also be able to request a copy or corrections of your personal information once you have given consent. Then there's the option to allow some companies to track you (say, analytics companies) but not others (say, Google) that needs to be taken into account.
Back in the day, Microsoft's P3P protocol was trying to fix this problem, but nobody used it. DNT headers also aren't really configurable in the browser itself, you can only pick on or off.
A protocol is being developed that may solve this (https://www.dataprotectioncontrol.org/) but I'm sure it won't work until the EU forces company to take such protocols into account. After all, ignoring people's wishes is literally how these ad empires are making money now.
